7 research outputs found
An incremental points-to analysis with CFL-reachability
Abstract. Developing scalable and precise points-to analyses is increasingly important for analysing and optimising object-oriented programs where pointers are used pervasively. An incremental analysis for a program updates the existing analysis information after program changes to avoid reanalysing it from scratch. This can be efficiently deployed in software development environments where code changes are often small and frequent. This paper presents an incremental approach for demand-driven context-sensitive points-to analyses based on Context-Free Language (CFL) reachability. By tracing the CFL-reachable paths traversed in computing points-to sets, we can precisely identify and recompute on demand only the points-to sets affected by the program changes made. Combined with a flexible policy for controlling the granularity of traces, our analysis achieves significant speedups with little space overhead over reanalysis from scratch when evaluated with a null dereferencing client using 14 Java benchmarks.
Program Tailoring: Slicing by Sequential Criteria
Protocol and typestate analyses often report some sequences of
statements ending at a program point P that needs to be
scrutinized, since P may be erroneous or imprecisely
analyzed. Program slicing focuses only on the behavior at P by
computing a slice of the program affecting the values at P. In
this paper, we propose to restrict our attention to the subset of
that behavior at P affected by one or several statement
sequences, called a sequential criterion (SC). By leveraging the
ordering information in a SC, e.g., the temporal order in a few
valid/invalid API method invocation sequences, we introduce a
new technique, program tailoring, to compute a tailored program
that comprises the statements in all possible execution paths
passing through at least one sequence in SC in the given
order. With a prototyping implementation, Tailor, we show why
tailoring is practically useful by conducting two case studies on
seven large real-world Java applications. For program
debugging and understanding, Tailor can complement program
slicing by removing SC-irrelevant statements. For program
analysis, Tailor can enable a pointer analysis, which is
unscalable to a program, to perform a more focused and therefore
potentially scalable analysis to its specific parts containing
hard language features such as reflection
An Instantaneous Framework For Concurrency Bug Detection
Concurrency bug detection is important to guarantee the correct behavior of multithread programs. However, existing static techniques are expensive with false positives, and dynamic analyses cannot expose all potential bugs. This thesis presents an ultra-efficient concurrency analysis framework, D4, that detects concurrency bugs (e.g., data races and deadlocks) “instantly” in the programming phase. As developers add, modify, and remove statements, the changes are sent to D4 to detect concurrency bugs on-the-fly, which in turn provides immediate feedback to the developer of the new bugs. D4 includes a novel system design and two novel parallel incremental algorithms that embrace both change and parallelization for fundamental static analyses of concurrent programs. Both algorithms react to program changes by memoizing the analysis results and only recomputing the impact of a change in parallel without any redundant computation. Our evaluation on an extensive collection of large real-world applications shows that D4 efficiently pinpoints concurrency bugs within 10ms on average after a code change, several orders of magnitude faster than both the exhaustive analysis and the state-of-the-art incremental techniques
Incremental Static Analysis of Probabilistic Programs
Probabilistic models are used successfully in a wide range of fields, including machine
learning, data mining, pattern recognition, and robotics. Probabilistic programming
languages are designed to express probabilistic models in high-level programming
languages and to conduct automatic inference to compute posterior distributions.
A key obstacle to the wider adoption of probabilistic programming languages
in practice is that general-purpose efficient inference is computationally difficult.
This thesis aims to improve the efficiency of inference through incremental analysis,
while preserving precision when a probabilistic program undergoes small changes.
For small changes to probabilistic knowledge (i.e., prior probability distributions
and observations), the probabilistic model represented by a probabilistic
program evolves. In this thesis, we first present a new approach, Icpp, which
is a data-flow-based incremental inference approach. By capturing the probabilistic
dependence of each data-flow fact and updating changed probabilities
sparsely, Icpp can incrementally compute new posterior distributions and
thus enable previously computed results to be reused.
For small changes at observed array data, upon which their probabilistic models
are conditioned, the probabilistic models remain unchanged. In this thesis, we
also present ISymb, which is a novel incremental symbolic inference framework.
By conducting an intra-procedurally path-sensitive analysis, except for "meets-over-all-paths" analysis within an iteration of a loop (conditioned on some
observed array data), ISymb captures the probability distribution for each
path and only recomputes the probability distributions for the affected paths.
Further, ISymb enables a precision-preserving incremental symbolic inference
to run significantly faster than its non-incremental counterparts.
In this thesis, we evaluate both Icpp and ISymb against the state-of-the-art
data-flow-based inference and symbolic inference, respectively. The results demonstrate
that both Icpp and ISymb meet their design goals. For example, Icpp
succeeds in making data-flow-based incremental inference possible in probabilistic
programs when some probabilistic knowledge undergoes small yet frequent changes.
Additionally, ISymb enables symbolic inference to perform one or two orders of
magnitude faster than non-incremental inference when some observed array dat
Forum - Ausgabe 2014
Informiert über die Forschungsaktivitäten an der Hochschule Konstanz im Jahr 2014
Fast and precise points-to analysis with incremental CFL-reachability summarisation: preliminary experience
We describe our preliminary experience in the design and implementation of a points-to analysis for Java, called EMU, that enables developers to perform pointer-related queries in programs undergoing constant changes in IDEs. EMU achieves fast response times by adopting a modular approach to incrementally updating method summaries upon small code changes: the points-to information in a method is summarised indirectly by CFL reachability rather than directly by points-to sets. Thus, the impact of a small code change made in a method is localised, requiring only its affected part to be re-summarised just to reflect the change. EMU achieves precision by being context-sensitive (for both method invocation and heap abstraction) and field-sensitive. Our evaluation shows that EMU can be promisingly deployed in IDEs where the changes are small